The SessionIdGenerator Component

The SessionIdGenerator element represents the session
id generator that will be used to create session ids used by
web application HTTP sessions.

A SessionIdGenerator element MAY be nested inside a
Manager component. If it is not included,
a default SessionIdGenerator configuration will be created automatically, which
is sufficient for most requirements, — see
Standard SessionIdGenerator Implementation below for the details
of this configuration.

All implementations of SessionIdGenerator
support the following attributes:

Attribute

Description

className

Java class name of the implementation to use. This class must
implement the org.apache.catalina.SessionIdGenerator interface.
If not specified, the standard value (defined below) will be used.

jvmRoute

A routing identifier for this Tomcat instance. It will be added
to the session id to allow for stateless stickyness routing by
load balancers. The details on how the jvmRoute
will be included in the id are implementation dependent.
See Standard Implementation
for the default behavior.

NOTE - The value for this property is inherited
automatically from the jvmRoute attribute of the
Engine element.

sessionIdLength

The length of session ids created by this SessionIdGenerator.
The details on how the sessionIdLength
influences the session id length are implementation dependent.
See Standard Implementation
for the default behavior.

Tomcat provides a standard implementations of SessionIdGenerator
for use.

Standard SessionIdGenerator Implementation

The standard implementation of SessionIdGenerator is
org.apache.catalina.util.StandardSessionIdGenerator.
It supports the following attributes:

Attribute

Description

jvmRoute

A routing identifier for this Tomcat instance. It will be added
to the end of the session id separated by a ".".

sessionIdLength

The length of session ids created by this SessionIdGenerator.
More precisely the session id length is twice the value of
sessionIdLength plus the length of the trailing
jvmRoute if given. The factor 2 is because
the session id is constructed using sessionIdLength
random bytes, each byte being encoded in two hex characters
in the actual id. The default value is 16.